your database front-end

Windows Authentication

Windows Authentication is the default type of authentication in dbFront.  Windows Authentication is also required for all users that need to setup or administer dbFront.

To set Windows Authentication for users you need to update the Connection Access to so that it uses Windows Authentication to authenticate users.  For more details see: Connection Access.  Once you choose Windows Authentication, two new tabs will be opened where you can select the access for specific groups or users.

GroupsdbFront create database connection

On the Group tab you can select two Active Directory groups.

Update Group

The Update Group will specify the list of users that have Update access to the databases and tables managed by this connection.

Readonly Group

The Readonly Group will specify the list of users that have Readonly access to the databases and tables managed by this connection.  Readonly users won't be able to update any data.  They will also not be able to click on any action buttons.

If a user is a member of both the Update and Readonly groups then the Readonly restriction will apply. 

Default Access

Default access applies to all users not specifically assigned either Update or ReadOnly access.  If you have a large number of users to manage then you can setup the dbFront Service to limit access to a specific group of users.  You can then use the default access setting to specify their default access level.  For more details see dbFront Users below.

UsersdbFront create database connection

The Users tab is for those instances where it is necessary to manage or override user access on an individual basis.   By default users will start with "Default" access.  You can easily change a users access by dragging them to the appropriate column.

Assignments made on this table override all other access except Administrative.

NOTE: If the user list is too large (more then 5000 dbFront users), then this tab will no longer allow selection from the entry list.  In that case limit the dbFront user count my means of a specific dbFrontUsers group or else use the security groups to manage application user access.

Update Access

This is for all normal users who will be searching for and updating data.  Hidden tables will be hidden (except where they are needed to populate drop-downs).

Readonly Access

The Read Only access level is reserved for users that you only want to give read only access to the data.   Their access will be similar to the Update Access group but they won't be able to update any data.  They will also not be able to click on any action buttons.

None (Deny)

Users assigned None access, won't have any access to the database.


Users with Default access will have their access determined by the settings on the Group tab.

Windows Authentication Setup

By design the authentication for dbFront is managed by the dbFront service.  This service should be installed inside your network with ready access to the database server and your authentication servers.   For detailed information on setting up the service see: Application Service Install

dbFront Users

The application service has three settings that can be used to select which users have default access to dbFront.   For more details see: dbFront Users

More Security Options

For more security options see: Authentication Overview

Content you want the user to see goes here.